IoT risk and the smart factory: Building cyber resilience

Imagine this scenario: Somewhere, a James Bond villain is quietly building a network of sleeper cells that can be activated at a moment’s notice and targeted to take out computer networks, power grids, communications, and other critical infrastructure.

Now imagine tens of thousands of such secretive Bond villains — armed with up to 80 billion sleeper cells.

That’s the blockbuster risk of the Internet of Things (IoT), which analysts expect will encompass 25 billion to 80 billion connected devices by 2020. Without robust and up-to-date security and privacy protections, connected devices could potentially become vulnerable recruits for hackers, hacktivists, cyber-criminals, and state-sponsored cyber-soldiers, who can turn them into attack resources capable of inflicting catastrophic damage.

This isn’t Hollywood hyperbole; it’s already happening.

In October 2016, a botnet army of cameras, DVRs, routers, and other compromised IoT devices carried out a massive distributed denial-of-service (DDoS) attack on a domain name system provider, resulting in an extended access blackout of major Internet platforms and services across Europe and North America.1

Though that was the first known IoT-based DDoS attack, it followed a string of non-IoT attacks that proved the threat to vital systems. In December 2015, an attack in Turkey affected networks used by the country’s banks, media, and government.2 Later that same month, attackers staged the first known cyberattack on a power grid, cutting power to 230,000 in Ukraine while also disrupting phone lines to complicate recovery efforts.3 In May and June 2017, massive attacks using the WannaCry and NotPetya viruses infected more than 200,000 computers across 150 countries, disrupting the operations of several multinational companies.4

To date, the IoT’s principal risk has been the hackers’ ability to use networked IoT resources to launch outward-facing DDoS attacks. But industrial products manufacturers also face a parallel risk: With thousands of networked IoT devices linking the modern smart factory to the wider enterprise and the vendor ecosystem, a hacker could be able to exploit those devices’ security vulnerabilities could turn them into vectors for targeted, inward-facing attacks, potentially taking control of manufacturing plants, transportation and logistics systems, and other operational centers. Shut out of their own systems, businesses would be forced to pay up – (in bitcoin or other non-trackable crypto-currency) – or face extended operational downtime, loss of critical data, and compromise of personal and proprietary information.

This is the world now, where even relatively low-end hackers can exploit a company’s vulnerabilities to grind their operations to a halt. Faced with the growing digital attack surface presented by IoT proliferation, industrial products companies have to widen the scope of their cybersecurity strategies beyond data protection, if they’re to more broadly ensure their operational resilience.

Resilience begins with the imperative of business continuity but goes much deeper, enhancing an organization’s ability to anticipate, withstand, and recover from challenges and attacks, including cyber incidents. Building resilience to IoT and other cyber-risk includes the hardening of the company’s technology but also the hardening of risk infrastructure. At the top, corporate leaders must oversee cyber risk, by establishing comprehensive business continuity plans and crisis response strategies that can help reduce the risk of being caught flat-footed, and implementing resilience-building measures across the enterprise. Risk management functions should consider enhancing their models for cyber-risk management, by applying proactive risk management techniques and driving awareness of IoT and cyber-risk across the corporate culture, top to bottom.

Enterprise-wide cyber-risk management should consider adopting a defined IoT security strategy that encompasses policy, technology, and people skills, with areas of focus that include uniform cybersecurity standards and policies for IoT devices and systems; assessments of device and system interconnectivity and vulnerability across the business ecosystem; new data collection, data retention, and data destruction policies; and employee training in IoT cybersecurity best practices.

To address security in existing systems, organizations should consider conducting an inventory of in-use IoT devices and determine the most appropriate investments for improving security and mitigating risks. In some newer devices, for example, it may be possible to implement over-the-air patching, application, and firmware updates that utilize encryption and code signing.

Organizations may consider the following:

Implementing and maintaining, where relevant, enterprise-wide policies mandating sourcing of secure-by-design IoT devices that are able to maintain their integrity in a hostile and rapidly changing environment

Designing a device security system architecture that is flexible enough to meet future contingencies

Establishing a process to allow automatic remote updating or local updating by authorized users, to respond quickly to newly discovered vulnerabilities

Excluding, at the firmware layer, embedded passwords that cannot be overwritten or decommissioned

Including forensic logging and evidence-capture capabilities, to identify indicators of compromise

Designing products/systems to “fail safely” in the event they become infected with malware

With ransomware attacks on the rise and system downtime from cyber incidents growing year by year, it’s time for manufacturers to match their smart factories with smart defense, building their operational resilience and adopting bold IoT security strategies that can help ensure business and operational continuity and secure their key assets.